| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file |
| RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash. |
| Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash. |
| Memory Corruption when accessing trusted execution environment without proper privilege check. |
| Memory Corruption when adding user-supplied data without checking available buffer space. |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| Memory corruption due to improper bounds check while command handling in camera-kernel driver. |
| Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. |
| Memory corruption while processing escape code in API. |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. |
| Memory corruption due to global buffer overflow when a test command uses an invalid payload type. |
| Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |
| An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.
The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. |
